NotCVE - vendor:"Selinc" product:"Acselerator Quickset"

6 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-31172 – Incomplete Filtering of Special Elements

https://notcve.org/view.php?id=CVE-2023-31172

31 Aug 2023 — An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-791: Incomplete Filtering of Special Elements •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-31171 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

https://notcve.org/view.php?id=CVE-2023-31171

31 Aug 2023 — An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-31170 – Inclusion of Functionality from Untrusted Control Sphere

https://notcve.org/view.php?id=CVE-2023-31170

31 Aug 2023 — An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-31169 – Improper Handling of Unicode Encoding

https://notcve.org/view.php?id=CVE-2023-31169

31 Aug 2023 — An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELer... • https://selinc.com/support/security-notifications/external-reports • CWE-176: Improper Handling of Unicode Encoding CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-31168 – Inclusion of Functionality from Untrusted Control Sphere

https://notcve.org/view.php?id=CVE-2023-31168

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2013-0665

https://notcve.org/view.php?id=CVE-2013-0665

21 Mar 2013 — Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequently gain privileges, via standard filesystem operations. Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet anterior a 5.12.0.1 utiliza permisos débiles para el directorio Program Files, que permite a usuarios locales para reemplazar los archivos ejecutables, y en consecuencia obtener privilegios, ... • http://ics-cert.us-cert.gov/pdf/ICSA-13-079-01.pdf • CWE-264: Permissions, Privileges, and Access Controls •